This document outlines security concepts and systems for biosafety labs. It describes elements of security systems like clear zones, barriers, lighting, locks, and electronic security systems. These elements work together in concentric "rings of security" to deter, detect, assess, delay, and deny threats. The document also provides a hypothetical scenario of terrorist operatives surveilling and breaching security at several facilities, ultimately stealing biological materials from Plum Island Animal Disease Center due to weaknesses in its security systems.

1. Author
Richard Kibbey
Presented by:
Amna Jalil (04)

2. CDC 8th National Biosafety Symposium,
Atlanta, Georgia, 2004

4. Overview of the security concepts and the
systems
 Need of security expert
 One’s own organization
 Full or part-time contractor

5. Security is the degree of resistance to, or
protection from, harm. It applies to
any vulnerable and valuable asset,
such as a person, community, nation,
or organization (Biosafety labs)

6. Consist of equipment, policies
and procedures that support
each of the elements of security

7. Clear Zones
Barriers
Lighting
Shrouds
Locks
Electronic Security Systems
Guard forces

8. 30 feet clear zone --- from the protectable
object or facility
Void of
 Trash receptables
 Ashtrays
 dumpsters

11.  Restrict, deny or channel pedestrian or
vehicular traffic
 Not necessarily impenetrable – increase the
probability to detect people & vehicles –
trying to get illegal access

13. Significant deterrent – potential intruders
Enhances visibility for routine patrols &
general staff
Permanent lightening – adequate
illumination to
 Entry points
 Pathways
 Parking lots

14. Activated by Sensors – activate the lights
when penetrated
Can activated by
 Timers
 Manually

16. ◊ Often neglected component
◊ Support deterrence & delay by providing
concealment from chance and direct
surveillance
◊ Purpose – limit visibility from unauthorized
sources
◊ Simple – darkened windows, curtains
◊ Complex – walls, coverings even shrubbery

18. Many shapes and forms
Single hasp lock to very complex systems
Include:
 Standard key lock
 Combination lock
 Cipher lock
 Card access control systems including swipe card lock
and biometric
Can be tied in electronic security system

21. • Come in three flavors
Access Control Systems
Security Surveillance
Intrusion Detection Systems (IDS)

22. ACCESS CONTROL SYSTEMS
Devices designed to limit access --- site,
building, room or container
Simple – swipe access system
Complex -- biometrics

24. SECURITY SURVEILLANCE
Most common – CCTV
When choosing CCTV
 Resolution power and image quality
 Color or black & white
 Zoom capability
 Transmission mode

27. INTRUSION DETECTION SYSTEMS (IDS)
Identify unauthorized entry
Connected to monitoring system – fall into 3
categories
1. Local alarm system – when IDS breached–
sounds an alarm for a local security officer
2. 24-hour central station – usually
commercially operated – when get alarm,
they contact local police

28. 3. Propriety alarm systems – controlled and
monitored within the facility

29. Response forces
Balance between use of security technology &
properly trained security staff

32. Elements of security systems are the rings –
around the resource need to be protected
Each ring supported by security equipments
and procedures – deter, detect or support
defeating an adversary by being applied on
one or more rings of security

33. Rings of
Security
Deter
Detect
Assess
Delay
Respond
Deny

35. Prevention of action through a fear of
unacceptable consequences
Psychological state
Perception of security system – from outside
look
If PTE feels fear – move to other place
Let’s keep them away from here

36. o Determination and transmission that an event
has occurred
o Use of technology – increases capability

37. Analysis of an event by a person directly
onsite or via technology
Now-a-days – CCTV systems
Necessary --- determination of the validation
of alarm & appropriate response

38. Ability of physical or psychological barriers to
restrict movement
Purpose – allow time for an appropriate
response – make impossible for intruder to
continue

39. Level of reaction required to counter an
intrusion
Response forces
 Unarmed security guards or staff
 Local police
High level – dedicated armed forces – nuclear
storage areas

40. Ability to oppose or negate the effects of an
action
Final chance to defeat an adversary

41. To avoid the Probable threat element (PTE)
Hypothetical Scenario
Four Field members of some terrorist agency
meet in the Baltimore in December 2002
 2 from New york
 2 from Fort Worth
Their Mission: Steal biological material---
used in bioterror attack on US food supply

42. Hypothetical Scenario

43. March 2003 --- Black Angus restaurant
Atlanta – target selection
 Pre-selection Operations --- 3 locations
• Centers for Disease Control and
Prevention in AtlantaCDC
• U.S. Army Medical Research Institute
of Infectious Diseases in MarylandUSAMRIID
• Plum Island Animal Disease Center
in Long Island, New YorkPlum Island

44.  Identification of weaknesses in security – to
exploit
Find a location with
 Poor lighting
 Weak CCTV system
 Inconsistent access control system

45. Began from April to June 2003
Observations were recorded and discovered
 New alarm systems at CDC
 High-tech TV systems– throughout complex
 Barriers – movement hindrance
Assessment
Security components – hindered proposed
operation

46. Occurred from July to August 2003
Problems were similar to CDC
 Many lights & security structures
 Barriers
 Access control procedures
Assessment
Location was too difficult

47. August through September 2003
Many weaknesses were found
 Numerous gaps in security
 Doors left open for ventilation
 Some windows left open overnight
 Alarms and door sensors not operational
 Poor lighting
 Inadequate and broken CCTV
Assessment
Plum Island was selected as target

48. ◊ From September to December 2003
◊ Found a route of entry – A window – left
unlocked most evenings
◊ Daily operations were observer and target
selection was made

49. Attack was conducted early in January 2004
1 person – at vehicle – half a mile away
3 persons – entered building from window
Gained access – cutting hole in drywall
Took several vials of hoof and mouth virus
and exited
Whole operation took 70 minutes